aws

Documentation

Index

• func BuildCredentialsFromServiceAccount(ctx context.Context, c client.Client, name string, namespace string, ...) (*stscreds.WebIdentityRoleProvider, error)
• func GetAwsSecretsManagerSecret(ctx context.Context, aws AwsClientFactory, profile *string, region *string, ...) (string, error)
• func LoadAwsConfigHelper(ctx context.Context, c client.Client, awsConfig *types.AwsConfig, ...) (aws.Config, error)
• type AwsClientFactory
  • func NewClientFactory(c client.Client, awsConfig *types.AwsConfig) AwsClientFactory
• type FakeAwsClientFactory
  • func NewFakeClientFactory() *FakeAwsClientFactory
  • func (f *FakeAwsClientFactory) GetSecretValue(ctx context.Context, params *secretsmanager.GetSecretValueInput, ...) (*secretsmanager.GetSecretValueOutput, error)
  • func (f *FakeAwsClientFactory) SecretsManagerClient(ctx context.Context, profile *string, region *string) (GetSecretValueInterface, error)
• type GetSecretValueInterface
• type Resource
  • func SplitResource(resource string) (Resource, error)

Functions

func BuildCredentialsFromServiceAccount

func BuildCredentialsFromServiceAccount(ctx context.Context, c client.Client, name string, namespace string, sessionName string) (*stscreds.WebIdentityRoleProvider, error)

func GetAwsSecretsManagerSecret

func GetAwsSecretsManagerSecret(ctx context.Context, aws AwsClientFactory, profile *string, region *string, secretName string) (string, error)

func LoadAwsConfigHelper

func LoadAwsConfigHelper(ctx context.Context, c client.Client, awsConfig *types.AwsConfig, profile *string, optFnsIn ...func(*config.LoadOptions) error) (aws.Config, error)

LoadAwsConfigHelper will try to load the profile given either by profile or by awsConfig.Profile and only if this succeeds (the profile exists), it will use it to perform default config loading. The reason for this is that non-existent profiles is expected in Kluctl, at it might run on an environment that does not have the profile configured, in which case it should not error out later (due to it using a non-existing profile). This helper will also try to load service account based web identity configuration.

Types

type AwsClientFactory

type AwsClientFactory interface {
	SecretsManagerClient(ctx context.Context, profile *string, region *string) (GetSecretValueInterface, error)
}

func NewClientFactory

func NewClientFactory(c client.Client, awsConfig *types.AwsConfig) AwsClientFactory

type FakeAwsClientFactory

type FakeAwsClientFactory struct {
	GetSecretValueInterface

	Secrets map[string]string
}

func NewFakeClientFactory

func NewFakeClientFactory() *FakeAwsClientFactory

func (*FakeAwsClientFactory) GetSecretValue

func (f *FakeAwsClientFactory) GetSecretValue(ctx context.Context, params *secretsmanager.GetSecretValueInput, optFns ...func(*secretsmanager.Options)) (*secretsmanager.GetSecretValueOutput, error)

func (*FakeAwsClientFactory) SecretsManagerClient

func (f *FakeAwsClientFactory) SecretsManagerClient(ctx context.Context, profile *string, region *string) (GetSecretValueInterface, error)

type GetSecretValueInterface

type GetSecretValueInterface interface {
	GetSecretValue(ctx context.Context, params *secretsmanager.GetSecretValueInput, optFns ...func(*secretsmanager.Options)) (*secretsmanager.GetSecretValueOutput, error)
}

type Resource

type Resource struct {
	ResourceId   string
	ResourceType string
}

func SplitResource

func SplitResource(resource string) (Resource, error)